The 'CRIME' attack announced last week exploits the data compression scheme used by the TLS (Transport Layer Security) and SPDY protocols to decrypt user authentication cookies from HTTPS (HTTP Secure) traffic, one of the attack's creators ...
Tags: CRIME attack, data compression scheme, TLS, SPDY protocols, HTTPS
A variation of the attack that can wipe data from Samsung Android devices when visiting a malicious Web page can also be used to disable the SIM cards from many Android phones, researchers have said. Ravishankar Borgaonkar, a research ...
Tags: Android, Galaxy Ace, highlightedpost, Samsung, SIM
More than half of office workers don’t follow their company’s IT security policies, or aren’t even aware of the policies, according to survey results collected by Xerox and McAfee. The joint data survey held by the two ...
Tags: Embedded Control software, IT security, malware, McAfee, Viruses, Xerox
From Google Maps,the U.S.National Security Agency's parking lot has a larger footprint than the building itself.And for the high secrecy surrounding what goes on inside,there is plenty of information flowing just outside. In a ...
Tags: The Nsa's Parking Lot, Google Maps
A 16-year-old security researcher from India plans to present a malware application for Windows Phone 8 at the upcoming MalCon security conference in New Delhi,India,on Nov.24. According to a brief description of the presentation on the ...
Tags: MalCon security conference, malware application, Windows Phone 8
Software made by Siemens and targeted by the Stuxnet malware is still full of other dangerous vulnerabilities,according to Russian researchers whose presentation at the Defcon security conference earlier this year was cancelled following a ...
Tags: Siemens software, Stuxnet, Sergey Gordeychik, SCADA system
IDG News Service-Security researcher Zoltan Balazs has developed a remote-controlled piece of malware that functions as a browser extension and is capable of modifying Web pages,downloading and executing files,hijacking accounts,bypassing ...
Tags: malware, browser extension, remote-controlled, Balazs
IDG News Service-The famed iPhone hacker"Comex,"who engineered ways to hack Apple's mobile operating system,is no longer doing work for the company,according to Twitter postings. "So...no point in delaying.As of last week,after about a ...
Tags: iPhone, Apple, operating system
Computerworld - Google today awarded $60,000 to a security researcher who cracked Chrome at the search firm's second "Pwnium" hacking contest. The researcher, a teenager who goes by the nickname "Pinkie Pie," was a returning winner: Last ...
Tags: Google, security researcher, Protection
IDG News Service - Security researcher Felix "FX" Lindner has a more compelling reason to steer clear of routers from Huawei Technologies than fears about its ownership. While the company blasted for its opaque relationship with China's ...
Tags: Huawei, ownership, China's government
Hack in the Box will host its 10th security conference this week in Kuala Lumpur featuring an all-star cast of hacking luminaries and a cutting-edge program. The lengthy speakers list includes John Draper aka"Captain Crunch,"who famously ...
Samsung is facing calls to issue a security update for the Galaxy S3 smartphone after it was discovered that the device can be reset by code hidden in a web page. German security researchers have demonstrated how an 11-character code can ...
Tags: Samsung, Galaxy S3, smartphone, vulnerability, hackers
Attendees at a security conference were left stunned when a researcher demonstrated how a hidden web code could allow a Samsung Galaxy S3's data to be completely wiped. The code,which is currently available online and consists of 11 ...
Tags: Samsung Galaxy S3', hidden web code, Apple, Ravi Borgaonkar
Industrial Ethernet switches and other devices produced by industrial networking equipment manufacturer RuggedCom contain a vulnerability that could be exploited to compromise SSL-based communications between them and their users,according ...
Tags: Industrial Ethernet, ICS-CERT, SSL, security, vulnerability
Contactless fare cards in the New Jersey and San Francisco transit systems can be manipulated using an Android application,enabling travelers to reset their card balance and travel for free,researchers demonstrated Thursday at the EUSecWest ...